broken header without HAProxy

2019-06-03 Thread arashad
Hello, I'm trying to remove HAProxy from my setup but i keep getting "broken header while reading proxy protocol" and the website won't open at all. If i remove the "send-proxy" from HAProxy the website won't open also. Posted at Nginx Forum: https://forum.nginx.org/read.php?2,284428,284428#msg-

auth_request with grpc

2019-06-03 Thread walt
Hi all, I'm attempting to use ngx_http_auth_request_module with grpc. When I pass a valid Authorization header with the grpc request everything works fine. Unfortunately when auth_request fails, the grpc client doesn't seem to register the 401 response from nginx and hangs. Has anyone had success

SMTP proxy with "STARTTLS only" accepts unencrypted mail

2019-06-03 Thread Marcus
Hello Nginx users, I try to use NGiNX 1.10.3-1+deb9u2 (Debian 9 version) as SMTP proxy in front of a postfix server. I defined one server that should accept encrypted connections only. Therefore I set "starttls only". But this server accepts plaintext mails also. If I use telnet to test the

Reverse proxy'ing of socket.io events not working

2019-06-03 Thread Leonard Theivendra
Hi, I've been trying to get nginx reverse proxy'ing of socket.io events working but not having any luck so would greatly appreciate any help/insight. Basically my scenario is: nginx running in a docker container (based on the nginx:stable-alpine image), a node server app serving up rest APIs as w

Re: ssl_trusted_certificate doesn't accept @server_name variable

2019-06-03 Thread devCU
Thanks for the info, I am using SED though a bash script to replace the proper domain during account user and web setup and it works fine, just thought I could take it another step. Read the link on variables and it makes sense, will continue to stick with my current setup. Thanks! Posted at Ngin

Re: njs: how to define a global variable

2019-06-03 Thread Dmitry Volyntsev
On 29.05.2019 20:02, guy1976 wrote: hi is it possible to define a global variable that will be persist for different requests? Hi Guy, Currently it is not possible as all njs VM are short-lived (a VM per request). If performance is not a serious issue you can use FS API (see http://ngi

Re: ssl_trusted_certificate doesn't accept @server_name variable

2019-06-03 Thread Maxim Dounin
Hello! On Mon, Jun 03, 2019 at 05:42:22AM -0400, devCU wrote: > The following works as advertised in my vhost server block > > ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem; > ssl_certificate_key > /etc/letsencrypt/live/mydomain.com/privkey.pem; > ssl

ssl_trusted_certificate doesn't accept @server_name variable

2019-06-03 Thread devCU
The following works as advertised in my vhost server block ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/mydomain.com/chain.pem; To bette